fixup! ✨(backend) handle indexer not configured

I fall back on title_search when the indexer
is not configured

Signed-off-by: charles <charles.englebert@protonmail.com>

Signed-off-by: charles <charles.englebert@protonmail.com>

Signed-off-by: charles <charles.englebert@protonmail.com>

Signed-off-by: charles <charles.englebert@protonmail.com>

Author: mascarpon3

src/backend/core/api/filters.py

@@ -47,10 +47,13 @@ class DocumentFilter(django_filters.FilterSet):
     title = AccentInsensitiveCharFilter(
         field_name="title", lookup_expr="unaccent__icontains", label=_("Title")
     )
+    q = AccentInsensitiveCharFilter(
+        field_name="title", lookup_expr="unaccent__icontains", label=_("Search")
+    )
 
     class Meta:
         model = models.Document
-        fields = ["title"]
+        fields = ["title", "q"]
 
 
 class ListDocumentFilter(DocumentFilter):
@@ -70,7 +73,7 @@ class ListDocumentFilter(DocumentFilter):
 
     class Meta:
         model = models.Document
-        fields = ["is_creator_me", "is_favorite", "title"]
+        fields = ["is_creator_me", "is_favorite", "title", "q"]
 
     # pylint: disable=unused-argument
     def filter_is_creator_me(self, queryset, name, value):

src/backend/core/api/viewsets.py

@@ -600,7 +600,7 @@ def list(self, request, *args, **kwargs):
         filter_data = filterset.form.cleaned_data
 
         # Filter as early as possible on fields that are available on the model
-        for field in ["is_creator_me", "title"]:
+        for field in ["is_creator_me", "title", "q"]:
             queryset = filterset.filters[field].filter(queryset, filter_data[field])
 
         queryset = queryset.annotate_user_roles(user)
@@ -1067,7 +1067,7 @@ def all(self, request, *args, **kwargs):
         filter_data = filterset.form.cleaned_data
 
         # Filter as early as possible on fields that are available on the model
-        for field in ["is_creator_me", "title"]:
+        for field in ["is_creator_me", "title", "q"]:
             queryset = filterset.filters[field].filter(queryset, filter_data[field])
 
         queryset = queryset.annotate_user_roles(user)
@@ -1084,6 +1084,30 @@ def all(self, request, *args, **kwargs):
 
         return self.get_response_for_queryset(queryset)
 
+    @drf.decorators.action(
+        detail=True,
+        methods=["get"],
+        ordering=["path"],
+    )
+    def descendants(self, request, *args, **kwargs):
+        """Deprecated endpoint to list descendants of a document."""
+        logger.warning(
+            "The 'descendants' endpoint is deprecated and will be removed in a future release. "
+            "The search endpoint should be used for all document retrieval use cases."
+        )
+        document = self.get_object()
+
+        queryset = document.get_descendants().filter(ancestors_deleted_at__isnull=True)
+        queryset = self.filter_queryset(queryset)
+
+        filterset = DocumentFilter(request.GET, queryset=queryset)
+        if not filterset.is_valid():
+            raise drf.exceptions.ValidationError(filterset.errors)
+
+        queryset = filterset.qs
+
+        return self.get_response_for_queryset(queryset)
+
     @drf.decorators.action(
         detail=True,
         methods=["get"],
@@ -1366,8 +1390,8 @@ def search(self, request, *args, **kwargs):
         """
         Returns an ordered list of documents best matching the search query parameter 'q'.
 
-        It depends on a search configurable Search Indexer. If no Search Indexer is configured or if it
-        is not reachable, the function falls back to a basic title search.
+        It depends on a search configurable Search Indexer. If no Search Indexer is configured
+        or if it is not reachable, the function falls back to a basic title search.
         """
         params = serializers.SearchDocumentSerializer(data=request.query_params)
         params.is_valid(raise_exception=True)
@@ -1382,10 +1406,7 @@ def search(self, request, *args, **kwargs):
         except requests.exceptions.RequestException as e:
             logger.error("Error while searching documents with indexer: %s", e)
             # fallback on title search if the indexer is not reached
-            return self._title_search(
-                request, params.validated_data, *args, **kwargs
-            )
-
+            return self._title_search(request, params.validated_data, *args, **kwargs)
 
     @staticmethod
     def _search_with_indexer(indexer, request, params):
@@ -1419,29 +1440,31 @@ def _title_search(self, request, validated_data, *args, **kwargs):
         Fallback search method when no indexer is configured.
         Only searches in the title field of documents.
         """
-        request.GET = request.GET.copy()
-        request.GET["title"] = validated_data["q"]
-
-        if "path" not in validated_data or not validated_data["path"]:
+        if not validated_data.get("path"):
             return self.list(request, *args, **kwargs)
 
-        return self._list_descendants(request)
+        return self._list_descendants(request, validated_data)
 
-    def _list_descendants(self, request):
+    def _list_descendants(self, request, validated_data):
         """
         List all documents whose path starts with the provided path parameter.
         Includes the parent document itself.
         Used internally by the search endpoint when path filtering is requested.
         """
         # Get parent document without access filtering
-        parent_path = request.GET["path"]
+        parent_path = validated_data["path"]
         try:
-            parent = models.Document.objects.get(path=parent_path)
+            parent = models.Document.objects.annotate_user_roles(request.user).get(
+                path=parent_path
+            )
         except models.Document.DoesNotExist as exc:
             raise drf.exceptions.NotFound("Document not found from path.") from exc
 
-        # Check object-level permissions using DocumentPermission logic
-        self.check_object_permissions(request, parent)
+        abilities = parent.get_abilities(request.user)
+        if not abilities.get("search"):
+            raise drf.exceptions.PermissionDenied(
+                "You do not have permission to search within this document."
+            )
 
         # Get descendants and include the parent, ordered by path
         queryset = (

src/backend/core/tests/documents/test_api_documents_list_filters.py

@@ -16,7 +16,16 @@
 pytestmark = pytest.mark.django_db
 
 
-def test_api_documents_list_filter_and_access_rights():
+@pytest.mark.parametrize(
+    "title_search_field",
+    # for integration with indexer search we must have
+    # the same filtering behaviour with "q" and "title" parameters
+    [
+        ("title"),
+        ("q"),
+    ],
+)
+def test_api_documents_list_filter_and_access_rights(title_search_field):
     """Filtering on querystring parameters should respect access rights."""
     user = factories.UserFactory()
     client = APIClient()
@@ -76,7 +85,7 @@ def random_favorited_by():
 
     filters = {
         "link_reach": random.choice([None, *models.LinkReachChoices.values]),
-        "title": random.choice([None, *word_list]),
+        title_search_field: random.choice([None, *word_list]),
         "favorite": random.choice([None, True, False]),
         "creator": random.choice([None, user, other_user]),
         "ordering": random.choice(

src/backend/core/tests/documents/test_api_documents_search.py

@@ -84,7 +84,7 @@ def test_api_documents_search_fall_back_on_search_list(mock_list, indexer_settin
     response = client.get("/api/v1.0/documents/search/", data={"q": q})
 
     assert mock_list.call_count == 1
-    assert mock_list.call_args[0][0].GET.get("title") == q
+    assert mock_list.call_args[0][0].GET.get("q") == q
     assert response.json() == mocked_response
 
 
@@ -119,7 +119,7 @@ def test_api_documents_search_fallback_on_search_list_sub_docs(
     )
 
     assert mock_list_descendants.call_count == 1
-    assert mock_list_descendants.call_args[0][0].GET.get("title") == q
+    assert mock_list_descendants.call_args[0][0].GET.get("q") == q
     assert mock_list_descendants.call_args[0][0].GET.get("path") == parent.path
     assert response.json() == mocked_response
 

src/backend/core/tests/documents/test_api_documents_search_descendants.py

@@ -286,9 +286,9 @@ def test_api_documents_descendants_list_anonymous_restricted_or_authenticated(re
         "/api/v1.0/documents/search/", data={"q": "child", "path": document.path}
     )
 
-    assert response.status_code == 401
+    assert response.status_code == 403
     assert response.json() == {
-        "detail": "Authentication credentials were not provided."
+        "detail": "You do not have permission to search within this document."
     }
 
 
@@ -528,7 +528,7 @@ def test_api_documents_descendants_list_authenticated_unrelated_restricted():
 
     assert response.status_code == 403
     assert response.json() == {
-        "detail": "You do not have permission to perform this action."
+        "detail": "You do not have permission to search within this document."
     }
 
 
@@ -767,7 +767,7 @@ def test_api_documents_descendants_list_authenticated_related_child():
     )
     assert response.status_code == 403
     assert response.json() == {
-        "detail": "You do not have permission to perform this action."
+        "detail": "You do not have permission to search within this document."
     }
 
 
@@ -795,7 +795,7 @@ def test_api_documents_descendants_list_authenticated_related_team_none(
 
     assert response.status_code == 403
     assert response.json() == {
-        "detail": "You do not have permission to perform this action."
+        "detail": "You do not have permission to search within this document."
     }